Posted by Unknown Lamer on Tuesday September 06, 2011 @03:12PM from the wake-up-with-missing-kidney dept.

An anonymous reader writes "New research shows that the TDSS/TDL-4 botnet, widely considered one of the largest and most sophisticated, can be rented via a Web storefront available to all comers. Researchers from Kaspersky found that the latest version of TDSS installs a file that sets the machine up as a proxy for anonymous browsing, and then phones home to awmproxy.net, which rents the proxies for rates from $3 per day to $300 a week. The curators of this service even created a Firefox add-on to help customers. 'Interestingly, AWMproxy says it accepts payment via PayPal, MasterCard, and Visa.'"

Idiot. There's no conspiracy here. Wikileaks got the attention of the press and authorities very quickly. This rent-a-bot site is just now making news, and when the payment processors get word of it, they will cut off business.

> when the payment processors get word of it, they will cut off business.

Huh? Call up a credit card company and tell them they are allowing people to rent botnets by using said credit card. They will have no idea wtf you are talking about, and they certainly wouldn't care. It will take courts/governments to get them to stop accepting the charges for these services. And even then it's a one-off thing. Credit card companies don't have a toggle button that turns off CC payments that go to botnet managers.

Or better yet, if you introduce yourself as Special Agent Mug Funky (or whatever your DL says) and state that you are currently investigating a possible crime, then maybe you might get some action (and if you are actually SA Funky it might be legal to do so :) )

Even if you can't make money on those things with BitCoin, if they accepted BioCoin payments (LOLZ) that would make it possible to rent these systems 100% anonymously, and would finally provide a use for BitCoins.

Three dollars a day is 12.5 cents an hour. Now can you actually turn out more than 12.5 cents worth of bitcoins per hour on what you're renting with that money? Probably not. I haven't visited the site since I'm at work, but I'm guessing the $3 a day figure is for renting a single box for proxied web browsing, not anything capable of doing any heavy lifting.

I like his idea though. If you can't clean the infected machine, at least install an additional program that warns the user they've been infected with a nasty virus. At least enough to catch the attention of the IT dept or home user. Not that I've ever used a botnet before, but are we sure they're virtualizing to the point of total OS abstraction?

Some vulnerability in their software could theoretically be used to execute arbitrary code on the host to clean the machine, and yes, that would be neat. It would be hard to compete with the other botnet software trying to do the same, however.

Yeah you can buy whatever you want with MC/Visa: nazi/white supremacist paraphernalia, a donation to the KKK, some botnet time, whatever, just don't try to donate to Wikileaks or buy anything of questionable copyright status!

Donating to white supremacist causes is covered by the first amendment.

It's not actually illegal to be an asshole. Sure, a KKK member legally can't turn down a black man's job application based on his race, but he's within his rights to feel that the law should be changed to allow him to do so. This same right protects a lot of good stuff as well.

Buying botnet time is probably illegal. Buying pirated goods is illegal. Donating to Wikileaks shouldn't be illegal, but the government probably considers them a 'terrorist group' or something, and donating money to terrorist groups is certainly illegal. Buying cigarettes overseas and not paying tariffs on them is illegal (oops!). You can do tons of illegal stuff with your Visa or Mastercard - sometimes you get caught, and sometimes you don't.

And how, exactly, is the KKK not a terrorist organization? They've actually been known to -- get this -- terrorize black people. They've bombed houses and churches, lynched people, and burned crosses in people's yards to scare them.

From a legal standpoint, a terrorist organization is not a group that terrorizes people.

A terrorist organization is a group of people the government has chosen to put on the list of terrorist organizations.

Now, don't get me wrong - I have no love for the KKK - but it's been quite a while since they went around lynching people and bombing churches and whatnot. If they started it up again, they'd be put on the list.

And who cares for that "legal standpoint"? Which actually is just a deliberate euphemism for "standpoint of those in power", and completely unrelated to the standpoint of those among us who still have their own opinions. (99.99% don't.) Yes, since it's by "those in power" one has to act like one cares, until one can stab them in the back. But nobody who can still be considered an individual actually does.

No, it happened because your post was unclear and unrelated to my comment.

I mean, go back and look at it. Your first sentence:

> And who cares for that "legal standpoint"?

makes sense, from a grammatical point of view. It doesn't make sense in context. We were talking about what is legal or illegal to do with a credit card. Visa and Mastercard care about the legal standpoint. Judges, congressmen, the Federal Reserve, lawyers, and the attorney general care about the legal standpoint. These are the people

If they started it up again. You missed the it. I'm aware they're still around. They don't go around lynching people and bombing churches anymore. If they started lynching people and bombing churches again, they'd be put on the terrorist group list.

"Just to be honest with you, I hate you and everything you stand for, but I WILL DEFEND WITH MY LAST BREATH AND OUNCE OF WILL YOUR RIGHT TO EXIST (until I am ordered otherwise)."

Now, that does not say that if I know of the KKK planning to make trouble somewhere I would not arrange for, say, the Black Panthers (or some similar group) to also be present, but they have a right to their opinion.

I earnestly hope this gets taken down ASAP or some innocent people might wind up in prison thanks to pedos renting the botnet to get kiddie porn. I'd think that if they're taking payment via credit card then they damned well should be traceable by some means.

Trojan on pirated software? I'd say that counts as _intentional_ participation in a botnet. Perhaps that's how quite a lot of Windows malware is spread as well. But that certainly didn't amount to anything like a rootkit infection through a privilege escalation vulnerability purely in software.

If we want the world to be free of spam, free of botnets and a nice happy virtual land to live in then the simple answer lies with PayPal and the credit card companies.

If you cut off the payments then the blackhats will have to find something else to make their evil millions.

Of course, the problem is that PayPal, Visa, Mastercard and others like their revenue stream too much; they like their 1% cut of the spammer's ill-gotten gains. They won't stop while any cash cow can still be milked.

If I was Bill Gates and serious about taking down this monster, I would use a lot of cash to keep it fully rented for a month, and within that month send out specially crafted ads, that can be traced back to its originating IP, this way we can find out exactly who is infected with this IP address. This IP address person can be contacted through their ISP and let it be known they are part of a botnet, and allow them to download a free tool from MS to clean up their machines, of course...there would be resist